RubyGems - aws-sdk - Versions diffs - 1.30.1 → 1.31.0 - Mend

aws-sdk 1.30.1 → 1.31.0

Files changed (126) hide show

checksums.yaml +4 -4
data/README.md +6 -3
data/lib/aws/api_config/CloudFront-2013-11-11.yml +2886 -0
data/lib/aws/api_config/CloudTrail-2013-11-01.yml +36 -0
data/lib/aws/api_config/ElasticTranscoder-2012-09-25.yml +67 -446
data/lib/aws/auto_scaling.rb +0 -1
data/lib/aws/auto_scaling/client.rb +2 -0
data/lib/aws/cloud_formation.rb +0 -1
data/lib/aws/cloud_formation/client.rb +2 -0
data/lib/aws/cloud_front.rb +0 -1
data/lib/aws/cloud_front/client.rb +6 -6
data/lib/aws/cloud_search.rb +0 -1
data/lib/aws/cloud_search/client.rb +3 -0
data/lib/aws/cloud_trail.rb +0 -1
data/lib/aws/cloud_trail/client.rb +2 -0
data/lib/aws/cloud_watch.rb +0 -1
data/lib/aws/cloud_watch/client.rb +2 -0
data/lib/aws/core.rb +8 -6
data/lib/aws/core/client.rb +30 -4
data/lib/aws/core/configuration.rb +1 -1
data/lib/aws/core/http/request.rb +2 -1
data/lib/aws/core/signers/base.rb +46 -0
data/lib/aws/core/signers/cloud_front.rb +56 -0
data/lib/aws/core/signers/s3.rb +159 -0
data/lib/aws/core/signers/version_2.rb +72 -0
data/lib/aws/core/signers/version_3.rb +86 -0
data/lib/aws/core/signers/version_3_https.rb +61 -0
data/lib/aws/core/signers/version_4.rb +228 -0
data/lib/aws/core/signers/version_4/chunk_signed_stream.rb +191 -0
data/lib/aws/data_pipeline.rb +0 -1
data/lib/aws/data_pipeline/client.rb +3 -0
data/lib/aws/direct_connect.rb +0 -1
data/lib/aws/direct_connect/client.rb +3 -0
data/lib/aws/dynamo_db.rb +0 -1
data/lib/aws/dynamo_db/client.rb +2 -0
data/lib/aws/ec2.rb +0 -1
data/lib/aws/ec2/client.rb +21 -0
data/lib/aws/elastic_beanstalk.rb +0 -1
data/lib/aws/elastic_beanstalk/client.rb +3 -0
data/lib/aws/elastic_transcoder.rb +0 -1
data/lib/aws/elastic_transcoder/client.rb +2 -0
data/lib/aws/elasticache.rb +0 -1
data/lib/aws/elasticache/client.rb +2 -0
data/lib/aws/elb.rb +0 -1
data/lib/aws/elb/client.rb +2 -0
data/lib/aws/emr.rb +0 -1
data/lib/aws/emr/client.rb +2 -0
data/lib/aws/glacier.rb +0 -1
data/lib/aws/glacier/client.rb +2 -0
data/lib/aws/iam.rb +0 -1
data/lib/aws/iam/client.rb +2 -0
data/lib/aws/import_export.rb +0 -1
data/lib/aws/import_export/client.rb +2 -0
data/lib/aws/kinesis.rb +0 -1
data/lib/aws/kinesis/client.rb +2 -0
data/lib/aws/ops_works.rb +0 -1
data/lib/aws/ops_works/client.rb +2 -0
data/lib/aws/rds.rb +0 -1
data/lib/aws/rds/client.rb +2 -0
data/lib/aws/redshift.rb +0 -1
data/lib/aws/redshift/client.rb +2 -0
data/lib/aws/route_53.rb +0 -1
data/lib/aws/route_53/client.rb +2 -0
data/lib/aws/s3.rb +1 -0
data/lib/aws/s3/bucket_collection.rb +9 -7
data/lib/aws/s3/client.rb +70 -9
data/lib/aws/s3/config.rb +12 -0
data/lib/aws/s3/object_collection.rb +4 -9
data/lib/aws/s3/presign_v4.rb +127 -0
data/lib/aws/s3/presigned_post.rb +1 -1
data/lib/aws/s3/request.rb +0 -136
data/lib/aws/s3/s3_object.rb +40 -19
data/lib/aws/simple_db.rb +0 -1
data/lib/aws/simple_db/client.rb +2 -0
data/lib/aws/simple_email_service.rb +0 -1
data/lib/aws/simple_email_service/client.rb +2 -0
data/lib/aws/simple_workflow.rb +0 -1
data/lib/aws/simple_workflow/client.rb +2 -0
data/lib/aws/sns.rb +0 -1
data/lib/aws/sns/client.rb +2 -0
data/lib/aws/sqs.rb +0 -1
data/lib/aws/sqs/client.rb +2 -0
data/lib/aws/storage_gateway.rb +0 -1
data/lib/aws/storage_gateway/client.rb +2 -0
data/lib/aws/sts.rb +0 -1
data/lib/aws/sts/client.rb +2 -0
data/lib/aws/support.rb +0 -1
data/lib/aws/support/client.rb +2 -0
data/lib/aws/version.rb +1 -1
metadata +12 -38
data/lib/aws/auto_scaling/request.rb +0 -29
data/lib/aws/cloud_formation/request.rb +0 -29
data/lib/aws/cloud_front/request.rb +0 -30
data/lib/aws/cloud_search/request.rb +0 -23
data/lib/aws/cloud_trail/request.rb +0 -30
data/lib/aws/cloud_watch/request.rb +0 -29
data/lib/aws/core/signature/version_2.rb +0 -56
data/lib/aws/core/signature/version_3.rb +0 -77
data/lib/aws/core/signature/version_3_https.rb +0 -54
data/lib/aws/core/signature/version_4.rb +0 -135
data/lib/aws/core/signer.rb +0 -46
data/lib/aws/data_pipeline/request.rb +0 -26
data/lib/aws/direct_connect/request.rb +0 -27
data/lib/aws/dynamo_db/request.rb +0 -26
data/lib/aws/ec2/request.rb +0 -21
data/lib/aws/elastic_beanstalk/request.rb +0 -29
data/lib/aws/elastic_transcoder/request.rb +0 -30
data/lib/aws/elasticache/request.rb +0 -23
data/lib/aws/elb/request.rb +0 -29
data/lib/aws/emr/request.rb +0 -28
data/lib/aws/glacier/request.rb +0 -29
data/lib/aws/iam/request.rb +0 -29
data/lib/aws/import_export/request.rb +0 -23
data/lib/aws/kinesis/request.rb +0 -26
data/lib/aws/ops_works/request.rb +0 -27
data/lib/aws/rds/request.rb +0 -29
data/lib/aws/redshift/request.rb +0 -29
data/lib/aws/route_53/request.rb +0 -23
data/lib/aws/simple_db/request.rb +0 -23
data/lib/aws/simple_email_service/request.rb +0 -27
data/lib/aws/simple_workflow/request.rb +0 -28
data/lib/aws/sns/request.rb +0 -29
data/lib/aws/sqs/request.rb +0 -31
data/lib/aws/storage_gateway/request.rb +0 -28
data/lib/aws/sts/request.rb +0 -29
data/lib/aws/support/request.rb +0 -27

@@ -43,7 +43,6 @@ module AWS
     autoload :Client, 'aws/kinesis/client'
     autoload :Errors, 'aws/kinesis/errors'
-    autoload :Request, 'aws/kinesis/request'
     include Core::ServiceInterface

data/lib/aws/kinesis/client.rb CHANGED

@@ -19,6 +19,8 @@ module AWS
       API_VERSION = '2013-12-02'
+      signature_version :Version4, 'kinesis'
       # @api private
       CACHEABLE_REQUESTS = Set[]

data/lib/aws/ops_works.rb CHANGED

@@ -20,7 +20,6 @@ module AWS
     autoload :Client, 'aws/ops_works/client'
     autoload :Errors, 'aws/ops_works/errors'
-    autoload :Request, 'aws/ops_works/request'
     include Core::ServiceInterface

data/lib/aws/ops_works/client.rb CHANGED

@@ -19,6 +19,8 @@ module AWS
       API_VERSION = '2013-02-18'
+      signature_version :Version4, 'opsworks'
       # @api private
       CACHEABLE_REQUESTS = Set[]

data/lib/aws/rds.rb CHANGED

@@ -49,7 +49,6 @@ module AWS
     autoload :DBInstanceCollection, 'aws/rds/db_instance_collection'
     autoload :DBSnapshot, 'aws/rds/db_snapshot'
     autoload :DBSnapshotCollection, 'aws/rds/db_snapshot_collection'
-    autoload :Request, 'aws/rds/request'
     include Core::ServiceInterface

data/lib/aws/rds/client.rb CHANGED

@@ -19,6 +19,8 @@ module AWS
       API_VERSION = '2013-09-09'
+      signature_version :Version4, 'rds'
       # @api private
       CACHEABLE_REQUESTS = Set[]

data/lib/aws/redshift.rb CHANGED

@@ -42,7 +42,6 @@ module AWS
     autoload :Client, 'aws/redshift/client'
     autoload :Errors, 'aws/redshift/errors'
-    autoload :Request, 'aws/redshift/request'
     include Core::ServiceInterface

data/lib/aws/redshift/client.rb CHANGED

@@ -19,6 +19,8 @@ module AWS
       API_VERSION = '2012-12-01'
+      signature_version :Version4, 'redshift'
       # @api private
       CACHEABLE_REQUESTS = Set[]

data/lib/aws/route_53.rb CHANGED

@@ -70,7 +70,6 @@ module AWS
     autoload :Errors, 'aws/route_53/errors'
     autoload :HostedZone, 'aws/route_53/hosted_zone'
     autoload :HostedZoneCollection, 'aws/route_53/hosted_zone_collection'
-    autoload :Request, 'aws/route_53/request'
     autoload :ResourceRecordSet, 'aws/route_53/resource_record_set'
     autoload :ResourceRecordSetCollection, 'aws/route_53/resource_record_set_collection'

data/lib/aws/route_53/client.rb CHANGED

@@ -19,6 +19,8 @@ module AWS
       API_VERSION = '2012-12-12'
+      signature_version :Version3Https
       # @api private
       CACHEABLE_REQUESTS = Set[]

data/lib/aws/s3.rb CHANGED

@@ -134,6 +134,7 @@ module AWS
     autoload :PrefixAndDelimiterCollection, 'aws/s3/prefix_and_delimiter_collection'
     autoload :PrefixedCollection, 'aws/s3/prefixed_collection'
     autoload :PresignedPost, 'aws/s3/presigned_post'
+    autoload :PresignV4, 'aws/s3/presign_v4'
     autoload :Request, 'aws/s3/request'
     autoload :S3Object, 'aws/s3/s3_object'
     autoload :Tree, 'aws/s3/tree'

data/lib/aws/s3/bucket_collection.rb CHANGED

@@ -102,11 +102,7 @@ module AWS
           config.s3_endpoint == 's3.amazonaws.com' or
           options[:location_constraint]
         then
-          constraint =
-            case config.s3_endpoint
-            when 's3-eu-west-1.amazonaws.com' then 'EU'
-            when /^s3-(.*)\.amazonaws\.com$/ then $1
-            end
+          constraint = guess_constraint
           options[:location_constraint] = constraint if constraint
         end
@@ -148,13 +144,19 @@ module AWS
         nil
       end
-      # @api private
       private
       def bucket_named name, owner = nil
         S3::Bucket.new(name.to_s, :owner => owner, :config => config)
       end
-    end
+      def guess_constraint
+        case config.s3_endpoint
+        when 's3-eu-west-1.amazonaws.com' then 'EU'
+        when /^s3[.-](.*)\.amazonaws\.com/ then $1
+        end
+      end
+    end
   end
 end

data/lib/aws/s3/client.rb CHANGED

@@ -25,6 +25,8 @@ module AWS
     # Client class for Amazon Simple Storage Service (S3).
     class Client < Core::Client
+      signature_version :S3
       API_VERSION = '2006-03-01'
       XMLNS = "http://s3.amazonaws.com/doc/#{API_VERSION}/"
@@ -45,8 +47,41 @@ module AWS
       include DataOptions
       include Core::UriEscape
+      # @param [Core::Http::Request] request
+      # @api private
+      def sign_request request
+        version = @config.s3_signature_version ?
+          @config.s3_signature_version.to_sym :
+          (@region =~ /cn-/ ? :v4 : :v3)
+        case version
+        when :v4 then v4_signer.sign_request(request)
+        when :v3 then v3_signer.sign_request(request)
+        else
+          raise "invalid signature version #{version.inspect}"
+        end
+      end
       protected
+      # @return [Core::Signers::S3]
+      def v3_signer
+        @v3_signer ||= Core::Signers::S3.new(credential_provider)
+      end
+      # @return [Core::Signers::Version4]
+      def v4_signer
+        @v4_signer ||= begin
+          Core::Signers::Version4.new(credential_provider, 's3', @region)
+        end
+      end
+      # @param [Http::Request] req
+      # @return [Boolean]
+      def chunk_sign? req
+        req.http_method == 'PUT' &&
+        req.headers['content-length'].to_i > 2 * 1024 * 1024 # 2MB
+      end
       def self.bucket_method(method_name, verb, *args, &block)
         method_options = (args.pop if args.last.kind_of?(Hash)) || {}
@@ -101,6 +136,32 @@ module AWS
       protected
+      def set_metadata request, options
+        if metadata = options[:metadata]
+          Array(metadata).each do |name, value|
+            request.headers["x-amz-meta-#{name}"] = value
+          end
+        end
+      end
+      def set_storage_class request, options
+        storage_class = options[:storage_class]
+        if storage_class.kind_of?(Symbol)
+          request.headers["x-amz-storage-class"] = storage_class.to_s.upcase
+        elsif storage_class
+          request.headers["x-amz-storage-class"] = storage_class
+        end
+      end
+      def set_server_side_encryption request, options
+        sse = options[:server_side_encryption]
+        if sse.is_a?(Symbol)
+          request.headers['x-amz-server-side-encryption'] = sse.to_s.upcase
+        elsif sse
+          request.headers['x-amz-server-side-encryption'] = sse
+        end
+      end
       def extract_error_details response
         if
           (response.http_response.status >= 300 ||
@@ -1314,9 +1375,9 @@ module AWS
           options = compute_write_options(options)
           set_body_stream_and_content_length(request, options)
-          request.metadata = options[:metadata]
-          request.storage_class = options[:storage_class]
-          request.server_side_encryption = options[:server_side_encryption]
+          set_metadata(request, options)
+          set_storage_class(request, options)
+          set_server_side_encryption(request, options)
           super(request, options)
@@ -1563,9 +1624,9 @@ module AWS
                     }) do
         configure_request do |req, options|
-          req.metadata = options[:metadata]
-          req.storage_class = options[:storage_class]
-          req.server_side_encryption = options[:server_side_encryption]
+          set_metadata(req, options)
+          set_storage_class(req, options)
+          set_server_side_encryption(req, options)
           super(req, options)
         end
@@ -1805,9 +1866,9 @@ module AWS
           options = options.merge(:copy_source => escape_path(options[:copy_source]))
           super(req, options)
-          req.metadata = options[:metadata]
-          req.storage_class = options[:storage_class]
-          req.server_side_encryption = options[:server_side_encryption]
+          set_metadata(req, options)
+          set_storage_class(req, options)
+          set_server_side_encryption(req, options)
           if options[:version_id]
             req.headers['x-amz-copy-source'] += "?versionId=#{options[:version_id]}"

data/lib/aws/s3/config.rb CHANGED

@@ -39,4 +39,16 @@ AWS::Core::Configuration.module_eval do
   add_option :s3_storage_class, 'STANDARD'
+  add_option :s3_signature_version do |config, value|
+    if config.s3_region.match(/^cn-/)
+      :v4
+    elsif value
+      value
+    elsif config.s3 && config.s3[:signature_version]
+      config.s3[:signature_version]
+    else
+      :v3
+    end
+  end
 end

data/lib/aws/s3/object_collection.rb CHANGED

@@ -282,8 +282,8 @@ module AWS
         super
       end
-      # @api private
-      protected
+      private
       def each_member_in_page(page, &block)
         super
         page.contents.each do |content|
@@ -291,20 +291,14 @@ module AWS
         end
       end
-      # @api private
-      protected
       def list_request options
         client.list_objects(options)
       end
-      # @api private
-      protected
       def limit_param
         :max_keys
       end
-      # @api private
-      protected
       def next_markers page
         if page[:next_marker]
           marker = page[:next_marker]
@@ -344,7 +338,8 @@ module AWS
           process_batch unless @batch.empty?
         end
-        protected
+        private
         def process_batch
           response = @block.call(@batch)
           @after_batch.call(response) if @after_batch

data/lib/aws/s3/presign_v4.rb ADDED

@@ -0,0 +1,127 @@
+# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+module AWS
+  class S3
+    # Utility class for building pre-signed URLs for Amazon S3 objects using
+    # signature version 4.
+    class PresignV4
+      # @param [S3Object] object
+      def initialize(object)
+        @object = object
+        @client = object.client
+        @signer = object.client.send(:v4_signer)
+      end
+      # @return [S3Object]
+      attr_reader :object
+      # @return [Client]
+      attr_reader :client
+      # @return [Core::Signers::Version4]
+      attr_reader :signer
+      # @param (see S3Object#url_for)
+      # @option (see S3Object#url_for)
+      # @return (see S3Object#url_for)
+      def presign(method, options = {})
+        now = Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
+        request = build_request(method, options)
+        request.headers.clear
+        request.headers['host'] = request.host
+        signed_headers = 'Host'
+        # must be sent along with the PUT request headers
+        if options[:acl]
+          request.headers['X-Amz-Acl'] = options[:acl].to_s.gsub(/_/, '-')
+          signed_headers << ';X-Amz-Acl'
+        end
+        # must be sent along with the PUT request headers
+        if options[:content_md5]
+          request.headers['Content-MD5'] = options[:content_md5]
+          signed_headers << ';Content-MD5'
+        end
+        request_params = Core::Signers::S3::QUERY_PARAMS.map do |p|
+          param = p.tr("-","_").to_sym
+          if options.key?(param)
+            request.add_param(p, options[param])
+          end
+        end
+        request.add_param("X-Amz-Algorithm", "AWS4-HMAC-SHA256")
+        request.add_param("X-Amz-Date", now)
+        request.add_param("X-Amz-SignedHeaders", signed_headers)
+        request.add_param("X-Amz-Expires", seconds_away(options[:expires]))
+        request.add_param("X-Amz-Credential", signer.credential(now))
+        request.add_param("X-Amz-Signature", signature(request, now))
+        build_uri(request, options)
+      end
+      private
+      def build_request(method, options)
+        path_style = object.config.s3_force_path_style
+        params = options.merge(
+          :bucket_name => object.bucket.name,
+          :key => object.key,
+          :data => '',
+        )
+        req = client.send(:build_request, operation_name(method), params)
+        req.force_path_style = options.fetch(:force_path_style, path_style)
+        req
+      end
+      def operation_name(method)
+        case method
+        when :get, :read then :get_object
+        when :put, :write then :put_object
+        when :delete then :delete_object
+        else
+          msg = "invalid method, expected :get, :put or :delete, got "
+          msg << method.inspect
+          raise ArgumentError msg
+        end
+      end
+      def signature(request, datetime)
+        key = signer.derive_key(datetime)
+        signer.signature(request, key, datetime, 'UNSIGNED-PAYLOAD')
+      end
+      def build_uri(request, options)
+        uri_class = options[:secure] ? URI::HTTPS : URI::HTTP
+        uri_class.build(
+          :host => request.host,
+          :port => request.port,
+          :path => request.path,
+          :query => request.querystring
+        )
+      end
+      def seconds_away(expires)
+        expires - Time.now.to_i
+      end
+    end
+  end
+end

data/lib/aws/s3/presigned_post.rb CHANGED

@@ -342,7 +342,7 @@ module AWS
       def fields
         secret = config.credential_provider.secret_access_key
-        signature = Core::Signer.sign(secret, policy, 'sha1')
+        signature = Core::Signers::Base.sign(secret, policy, 'sha1')
         fields = {
           "AWSAccessKeyId" => config.credential_provider.access_key_id,